Peter Palfrader <wea...@debian.org> writes: > On Mon, 23 Feb 2009, Enrico Zini wrote: > > > If Debian were an OpenID provider, then using the Debian OpenID > > could automatically give some authorization, like assuming that > > one is a DD. That could have been handy, but indeed not > > particularly needed. > > As openid provides no security whatsoever
Just like an email address, an OpenID is good for identity; security needs to be dealt with in a separate layer, just as with email. I don't know who promised OpenID “provides security”, or expects it. > there's probably not a big chance of us (as in DSA) hopping onto the > openid hype any time soon. Given that we willingly use email for identity, despite the fact that email provides no security, I don't see how this is anything but a non-sequitur. -- \ “I fly Air Bizarre. You buy a combination one-way round-trip | `\ ticket. Leave any Monday, and they bring you back the previous | _o__) Friday. That way you still have the weekend.” —Steven Wright | Ben Finney -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org